The display service-security statistics command displays statistics about matched rules in MPAC policies.
| Parameter | Description | Value |
|---|---|---|
| ipv4 | Specifies IPv4 MPAC policies. | - |
| ipv6 | Specifies IPv6 MPAC policies. | - |
| security-policy-name | Specifies the name of an MPAC policy. | The value is a string of 1 to 31 case-sensitive characters without spaces and must start with a letter. |
MPAC policies can be configured to filter packets to be sent to the CPU, thereby helping protect devices against various types of attacks.
The display service-security statistics command displays statistics about matched rules in MPAC policies.
# Display statistics about matched rules in all IPv4 MPAC policies.
<sysname> display service-security statistics ipv4
Policy Name : A1 Step : 5 Policy Name : a1 Step : 5 Policy Name : a123456789012345678901234567890 Step : 5 rule 5 deny protocol tcp source-ip 10.1.1.1 1.1.1.1 destination-ip 10.1.1.2 1.1.1.1 source-port 65534 destination-port 55100 (11 times matched) rule 10 deny protocol tcp source-ip 10.1.1.1 1.1.1.1 destination-ip 10.1.1.2 1.1.1.1 source-port 65534 destination-port 55101 (10times matched) rule 15 deny protocol tcp source-ip 10.1.1.1 1.1.1.1 destination-ip 10.1.1.2 1.1.1.1 source-port 65534 destination-port 55102 (3times matched) Policy Name : beijing Description : mpac policy for ipv4 Step : 2 rule 2 permit protocol any (0 times matched) rule 4 deny protocol any (0 times matched) rule 6 permit protocol bgp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (1 times matched) rule 12 permit protocol ftp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 14 permit protocol ip source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 16 permit protocol ldp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 20 permit protocol ntp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 22 permit protocol ospf source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched) rule 24 permit protocol rip source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 26 permit protocol rsvp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched) rule 28 permit protocol snmp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched) rule 30 permit protocol ssh source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 32 permit protocol tcp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 34 permit protocol telnet source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) rule 36 permit protocol tftp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched) rule 38 permit protocol udp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched) Policy Name : huawei Step : 5 rule 5 permit protocol tcp source-ip 127.1.1.1 0 source-port 1000 (10 times matched) rule 10 permit protocol ip source-ip 10.10.1.0 0.0.0.255 (1 times matched) Policy Name : huawei1 Step : 5 Policy Name : huawei1# Step : 5